Workforce Identity
Endpoint Management
Endpoint Detection & Response
Vulnerability Management
Compliance Automation
Trust Center
Vulnerability Response
Published by Iru, Inc
Configure Vulnerability Response settings to automate critical security patch deployment when high-severity or critical CVEs (Common Vulnerabilities and Exposures) are detected in managed applications across your Mac devices. This profile enables IT administrators to establish automated remediation workflows that leverage Kandji Auto Apps to immediately update vulnerable software without requiring manual intervention or user action. Vulnerability Response reduces the window of exposure to actively exploited security flaws by eliminating deployment delays, ensuring compliance with security patch timelines, and protecting endpoints from known threats through intelligent, priority-based update enforcement that responds dynamically to emerging vulnerability disclosures.
Configure Avert settings to establish comprehensive malware detection and prevention policies that protect managed endpoints from malicious software, potentially unwanted programs (PUPs), and security threats. This profile enables IT administrators to define organizational threat tolerance levels, create custom allow and block lists for specific applications or file types, and enforce real-time threat response actions. Avert provides layered security by combining signature-based detection with behavioral analysis to identify emerging threats while offering granular control over application execution policies, ensuring endpoints remain secure without impacting legitimate business operations or user productivity.
Enable full-disk encryption on Mac devices using Apple's FileVault technology to protect data at rest with XTS-AES-128 encryption. Configure FileVault to require user authentication at startup, manage recovery key escrow options, and enforce encryption policies across your devices. Deploy this profile to ensure compliance with data protection regulations, safeguard sensitive information on lost or stolen devices, and maintain centralized control over encryption settings. Supports both institutional recovery keys and personal recovery keys for flexible key management strategies.
Maintain stability and security with granular control over Apple software update behavior. Orchestrate when and how devices receive OS updates by configuring automatic installation preferences, defining deferral periods for testing and validation, and managing access to beta releases, ensuring your organization stays protected without disrupting productivity. Balance the need for timely security patches against operational stability by implementing phased rollout strategies that let you test updates with pilot groups before broad deployment across your entire Apple ecosystem.